I have a test network setup as follows. I want to use m0n0wall as my
front-end firewall performing NAT while using an ISA2004 as a backend
firewall. If I use the ISA server as a NAT (double NATing..bleh) everything
works ok. But when I change the ISA box to routing, then add a static route
to the LAN interface of m0n0wall back to the 192.168.100.0/24 subnet, the
Windows 2003 server can no longer perform DNS lookups. I have tried most
everything I can think of but the firewall log in m0n0wall shows that it is
blocking DNS. What is odd is that in the logs the DNS request looks like it
goes out ok but the results are being blocked with my ISP's address listed on
the LAN interface and not the WAN. Can anyone tell me what I am doing
wrong? Thanks.

dtp
        1.2.3.4
      -----------
      |         |
      | m0n0wall|
      |         |
      -----------
       192.168.2.1
           |
           |
           |
       192.168.2.2
      -----------
      |         |
      | ISA2004 |
      |         |
      -----------
     192.168.100.254
           |
           |
           |
      192.168.100.1
      -----------
      |         |
      | W2K3DNS |
      |         |
      -----------